summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--doc/classes/FileAccess.xml2
-rw-r--r--doc/classes/Marshalls.xml2
-rw-r--r--doc/classes/PacketPeer.xml2
-rw-r--r--doc/classes/StreamPeer.xml2
4 files changed, 8 insertions, 0 deletions
diff --git a/doc/classes/FileAccess.xml b/doc/classes/FileAccess.xml
index be0c8fd6ca..03876cdc2e 100644
--- a/doc/classes/FileAccess.xml
+++ b/doc/classes/FileAccess.xml
@@ -249,6 +249,7 @@
<param index="0" name="allow_objects" type="bool" default="false" />
<description>
Returns the next [Variant] value from the file. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
</description>
</method>
@@ -447,6 +448,7 @@
<param index="1" name="full_objects" type="bool" default="false" />
<description>
Stores any Variant value in the file. If [param full_objects] is [code]true[/code], encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
[b]Note:[/b] Not all properties are included. Only properties that are configured with the [constant PROPERTY_USAGE_STORAGE] flag set will be serialized. You can add a new usage flag to a property by overriding the [method Object._get_property_list] method in your class. You can also check how property usage is configured by calling [method Object._get_property_list]. See [enum PropertyUsageFlags] for the possible usage flags.
</description>
</method>
diff --git a/doc/classes/Marshalls.xml b/doc/classes/Marshalls.xml
index 102e4b75ed..9e47130492 100644
--- a/doc/classes/Marshalls.xml
+++ b/doc/classes/Marshalls.xml
@@ -29,6 +29,7 @@
<param index="1" name="allow_objects" type="bool" default="false" />
<description>
Returns a decoded [Variant] corresponding to the Base64-encoded string [param base64_str]. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
</description>
</method>
@@ -52,6 +53,7 @@
<param index="1" name="full_objects" type="bool" default="false" />
<description>
Returns a Base64-encoded string of the [Variant] [param variant]. If [param full_objects] is [code]true[/code], encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
</description>
</method>
</methods>
diff --git a/doc/classes/PacketPeer.xml b/doc/classes/PacketPeer.xml
index ab2bc34672..5dd9c5c9f9 100644
--- a/doc/classes/PacketPeer.xml
+++ b/doc/classes/PacketPeer.xml
@@ -33,6 +33,7 @@
<param index="0" name="allow_objects" type="bool" default="false" />
<description>
Gets a Variant. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
</description>
</method>
@@ -49,6 +50,7 @@
<param index="1" name="full_objects" type="bool" default="false" />
<description>
Sends a [Variant] as a packet. If [param full_objects] is [code]true[/code], encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
</description>
</method>
</methods>
diff --git a/doc/classes/StreamPeer.xml b/doc/classes/StreamPeer.xml
index f05b5f7dbf..b4770e4b5d 100644
--- a/doc/classes/StreamPeer.xml
+++ b/doc/classes/StreamPeer.xml
@@ -109,6 +109,7 @@
<param index="0" name="allow_objects" type="bool" default="false" />
<description>
Gets a Variant from the stream. If [param allow_objects] is [code]true[/code], decoding objects is allowed.
+ Internally, this uses the same decoding mechanism as the [method @GlobalScope.bytes_to_var] method.
[b]Warning:[/b] Deserialized objects can contain code which gets executed. Do not use this option if the serialized object comes from untrusted sources to avoid potential security threats such as remote code execution.
</description>
</method>
@@ -234,6 +235,7 @@
<param index="1" name="full_objects" type="bool" default="false" />
<description>
Puts a Variant into the stream. If [param full_objects] is [code]true[/code] encoding objects is allowed (and can potentially include code).
+ Internally, this uses the same encoding mechanism as the [method @GlobalScope.var_to_bytes] method.
</description>
</method>
</methods>